Spectre-class Vulnerabilities

Multiple side channel attacks expose sensitive data

CPU vulnerabilities allow programs to access data unfettered

Based on latest reports, there have been four waves of Spectre-class vulnerabilities discovered that allow malicious programs to read sensitive data via side channel attacks. This brings the total count to over 30 vulnerabilities discovered this year alone, and raises questions about new threat models that need to be considered in the security architecture.

These new hardware-based vulnerabilities will create multiple challenges in that they take longer to fix and patch, and as companies move to cloud providers, there are no guarantees for what hardware the applications are running on. Put another way, the computing ground people thought they were all standing on to process data, doesn’t seem as stable given these new security gaps.

How Baffle Helps

Baffle's Advanced Data Protection makes data breaches irrelevant

Advanced and persistent attack threat mitigation

By encrypting data in memory, in process and at-rest, Baffle makes data theft and exfiltration much more difficult for advanced attack schemes like side channel attacks. Memory scraping and side channel attacks will only yield encrypted data.

Eliminates hardware dependencies

Keeping track of your data is hard enough. Knowing what specific hardware it lives on in a virtualized and cloud world is even harder. Remove those concerns by protecting your data end-to-end.

Related Posts

The New Year has brought to light a significant vulnerability in processor architectures. In the desire to improve performance, memory isolation, which is one of the fundamental security features provided by modern processors, has been compromised. Meltdown and Spectre have shown us how the micro-architectural…

VULNERABILITY WAVE EXAMPLES In April 2014, a two year old zero day vulnerability was discovered in OpenSSL. Heartbleed represented a new finding in TLS implementations that exposed over 800,000 websites to the exposure. In the subsequent months through 2014, four additional vulnerabilities were uncovered that…